NTSTATUS
CdPnpSurpriseRemove (
_Inout_ PIRP_CONTEXT IrpContext,
_Inout_ PIRP Irp,
_Inout_ PVCB Vcb
)
/*++
Routine Description:
This routine handles the PnP surprise remove operation. This is another
type of notification that the underlying storage device for the volume we
have is gone, and is excellent indication that the volume will never reappear.
The filesystem is responsible for initiation or completion the dismount.
For the most part, only "real" drivers care about the distinction of a
surprise remove, which is a result of our noticing that a user (usually)
physically reached into the machine and pulled something out.
Surprise will be followed by a Remove when all references have been shut down.
Arguments:
Irp - Supplies the Irp to process
Vcb - Supplies the volume being removed.
Return Value:
NTSTATUS - The return status for the operation
--*/
{
NTSTATUS Status;
KEVENT Event;
BOOLEAN VcbPresent = TRUE;
PAGED_CODE();
ASSERT_EXCLUSIVE_CDDATA;
//
// SURPRISE - a device was physically yanked away without
// any warning. This means external forces.
//
CdAcquireVcbExclusive( IrpContext, Vcb, FALSE );
//
// Invalidate the volume right now.
//
// The intent here is to make every subsequent operation
// on the volume fail and grease the rails toward dismount.
// By definition there is no going back from a SURPRISE.
//
CdLockVcb( IrpContext, Vcb );
if (Vcb->VcbCondition != VcbDismountInProgress) {
CdUpdateVcbCondition( Vcb, VcbInvalid);
}
CdUnlockVcb( IrpContext, Vcb );
//
// We need to pass this down before starting the dismount, which
// could disconnect us immediately from the stack.
//
//
// Get the next stack location, and copy over the stack location
//
IoCopyCurrentIrpStackLocationToNext( Irp );
//
// Set up the completion routine
//
KeInitializeEvent( &Event, NotificationEvent, FALSE );
IoSetCompletionRoutine( Irp,
CdPnpCompletionRoutine,
&Event,
TRUE,
TRUE,
TRUE );
//
// Send the request and wait.
//
Status = IoCallDriver(Vcb->TargetDeviceObject, Irp);
if (Status == STATUS_PENDING) {
(VOID)KeWaitForSingleObject( &Event,
Executive,
KernelMode,
FALSE,
NULL );
Status = Irp->IoStatus.Status;
}
//
// Now make our dismount happen. This may not vaporize the
// Vcb, of course, since there could be any number of handles
// outstanding since this is an out of band notification.
//
VcbPresent = CdCheckForDismount( IrpContext, Vcb, TRUE );
//
// Release the Vcb if it could still remain.
//
if (VcbPresent) {
CdReleaseVcb( IrpContext, Vcb );
}
else {
_Analysis_assume_lock_not_held_(Vcb->VcbResource);
}
CdReleaseCdData( IrpContext );
//
// Cleanup our IrpContext and complete the IRP.
//
CdCompleteRequest( IrpContext, Irp, Status );
return Status;
}
NTSTATUS
CdPnpQueryRemove (
_Inout_ PIRP_CONTEXT IrpContext,
_Inout_ PIRP Irp,
_Inout_ PVCB Vcb
)
/*++
Routine Description:
This routine handles the PnP query remove operation. The filesystem
is responsible for answering whether there are any reasons it sees
that the volume can not go away (and the device removed). Initiation
of the dismount begins when we answer yes to this question.
Query will be followed by a Cancel or Remove.
Arguments:
Irp - Supplies the Irp to process
Vcb - Supplies the volume being queried.
Return Value:
NTSTATUS - The return status for the operation
--*/
{
NTSTATUS Status;
KEVENT Event;
BOOLEAN VcbPresent = TRUE;
PAGED_CODE();
ASSERT_EXCLUSIVE_CDDATA;
//
// Having said yes to a QUERY, any communication with the
// underlying storage stack is undefined (and may block)
// until the bounding CANCEL or REMOVE is sent.
//
// Acquire the global resource so that we can try to vaporize the volume,
// and the vcb resource itself.
//
CdAcquireVcbExclusive( IrpContext, Vcb, FALSE );
//
// Drop a reference on the Vcb to keep it around after we drop the locks.
//
CdLockVcb( IrpContext, Vcb);
Vcb->VcbReference += 1;
CdUnlockVcb( IrpContext, Vcb);
CdReleaseCdData( IrpContext);
Status = CdLockVolumeInternal( IrpContext, Vcb, NULL );
//
// Reacquire the global lock, which means dropping the Vcb resource.
//
CdReleaseVcb( IrpContext, Vcb );
CdAcquireCdData( IrpContext );
CdAcquireVcbExclusive( IrpContext, Vcb, FALSE );
//
// Remove our extra reference.
//
CdLockVcb( IrpContext, Vcb);
Vcb->VcbReference -= 1;
CdUnlockVcb( IrpContext, Vcb);
if (NT_SUCCESS( Status )) {
//
// We need to pass this down before starting the dismount, which
// could disconnect us immediately from the stack.
//
//
// Get the next stack location, and copy over the stack location
//
IoCopyCurrentIrpStackLocationToNext( Irp );
//
// Set up the completion routine
//
KeInitializeEvent( &Event, NotificationEvent, FALSE );
IoSetCompletionRoutine( Irp,
CdPnpCompletionRoutine,
&Event,
TRUE,
TRUE,
TRUE );
//
// Send the request and wait.
//
Status = IoCallDriver(Vcb->TargetDeviceObject, Irp);
if (Status == STATUS_PENDING) {
(VOID)KeWaitForSingleObject( &Event,
Executive,
KernelMode,
FALSE,
NULL );
Status = Irp->IoStatus.Status;
}
//
// Now if no one below us failed already, initiate the dismount
// on this volume, make it go away. PnP needs to see our internal
// streams close and drop their references to the target device.
//
// Since we were able to lock the volume, we are guaranteed to
// move this volume into dismount state and disconnect it from
// the underlying storage stack. The force on our part is actually
// unnecesary, though complete.
//
// What is not strictly guaranteed, though, is that the closes
// for the metadata streams take effect synchronously underneath
// of this call. This would leave references on the target device
// even though we are disconnected!
//
if (NT_SUCCESS( Status )) {
VcbPresent = CdCheckForDismount( IrpContext, Vcb, TRUE );
NT_ASSERT( !VcbPresent || Vcb->VcbCondition == VcbDismountInProgress );
}
//
// Note: Normally everything will complete and the internal streams will
// vaporise. However there is some code in the system which drops additional
// references on fileobjects, including our internal stream file objects,
// for (WMI) tracing purposes. If that happens to run concurrently with our
// teardown, our internal streams will not vaporise until those references
// are removed. So it's possible that the volume still remains at this
// point. The pnp query remove will fail due to our references on the device.
// To be cleaner we will return an error here. We could pend the pnp
// IRP until the volume goes away, but since we don't know when that will
// be, and this is a very rare case, we'll just fail the query.
//
// The reason this is the case is that handles/fileobjects place a reference
// on the device objects they overly. In the filesystem case, these references
// are on our target devices. PnP correcly thinks that if references remain
// on the device objects in the stack that someone has a handle, and that this
// counts as a reason to not succeed the query - even though every interrogated
// driver thinks that it is OK.
//
if (NT_SUCCESS( Status) && VcbPresent && (Vcb->VcbReference != 0)) {
Status = STATUS_DEVICE_BUSY;
}
}
//
// Release the Vcb if it could still remain.
//
if (VcbPresent) {
CdReleaseVcb( IrpContext, Vcb );
}
else {
_Analysis_assume_lock_not_held_(Vcb->VcbResource);
}
CdReleaseCdData( IrpContext );
//
// Cleanup our IrpContext and complete the IRP if neccesary.
//
CdCompleteRequest( IrpContext, Irp, Status );
return Status;
}
NTSTATUS
CdPnpRemove (
_Inout_ PIRP_CONTEXT IrpContext,
_Inout_ PIRP Irp,
_Inout_ PVCB Vcb
)
/*++
Routine Description:
This routine handles the PnP remove operation. This is our notification
that the underlying storage device for the volume we have is gone, and
an excellent indication that the volume will never reappear. The filesystem
is responsible for initiation or completion the dismount.
Arguments:
Irp - Supplies the Irp to process
Vcb - Supplies the volume being removed.
Return Value:
NTSTATUS - The return status for the operation
--*/
{
NTSTATUS Status;
KEVENT Event;
BOOLEAN VcbPresent = TRUE;
PAGED_CODE();
ASSERT_EXCLUSIVE_CDDATA;
//
// REMOVE - a storage device is now gone. We either got
// QUERY'd and said yes OR got a SURPRISE OR a storage
// stack failed to spin back up from a sleep/stop state
// (the only case in which this will be the first warning).
//
// Note that it is entirely unlikely that we will be around
// for a REMOVE in the first two cases, as we try to intiate
// dismount.
//
//
// Acquire the global resource so that we can try to vaporize
// the volume, and the vcb resource itself.
//
CdAcquireVcbExclusive( IrpContext, Vcb, FALSE );
//
// The device will be going away. Remove our lock and find
// out if we ever had one in the first place.
//
Status = CdUnlockVolumeInternal( IrpContext, Vcb, NULL );
//
// If the volume had not been locked, we must invalidate the
// volume to ensure it goes away properly. The remove will
// succeed.
//
if (!NT_SUCCESS( Status )) {
CdLockVcb( IrpContext, Vcb );
if (Vcb->VcbCondition != VcbDismountInProgress) {
CdUpdateVcbCondition( Vcb, VcbInvalid);
}
CdUnlockVcb( IrpContext, Vcb );
Status = STATUS_SUCCESS;
}
//
// We need to pass this down before starting the dismount, which
// could disconnect us immediately from the stack.
//
//
// Get the next stack location, and copy over the stack location
//
IoCopyCurrentIrpStackLocationToNext( Irp );
//
// Set up the completion routine
//
KeInitializeEvent( &Event, NotificationEvent, FALSE );
IoSetCompletionRoutine( Irp,
CdPnpCompletionRoutine,
&Event,
TRUE,
TRUE,
TRUE );
//
// Send the request and wait.
//
Status = IoCallDriver(Vcb->TargetDeviceObject, Irp);
if (Status == STATUS_PENDING) {
(VOID)KeWaitForSingleObject( &Event,
Executive,
KernelMode,
FALSE,
NULL );
Status = Irp->IoStatus.Status;
}
//
// Now make our dismount happen. This may not vaporize the
// Vcb, of course, since there could be any number of handles
// outstanding if we were not preceeded by a QUERY.
//
// PnP will take care of disconnecting this stack if we
// couldn't get off of it immediately.
//
VcbPresent = CdCheckForDismount( IrpContext, Vcb, TRUE );
//
// Release the Vcb if it could still remain.
//
if (VcbPresent) {
CdReleaseVcb( IrpContext, Vcb );
}
else {
_Analysis_assume_lock_not_held_(Vcb->VcbResource);
}
CdReleaseCdData( IrpContext );
//
// Cleanup our IrpContext and complete the IRP.
//
CdCompleteRequest( IrpContext, Irp, Status );
return Status;
}
BOOLEAN
CdCommonClosePrivate (
_In_ PIRP_CONTEXT IrpContext,
_In_ PVCB Vcb,
_In_ PFCB Fcb,
_In_ ULONG UserReference,
_In_ BOOLEAN FromFsd
)
/*++
Routine Description:
This is the worker routine for the close operation. We can be called in
an Fsd thread or from a worker Fsp thread. If called from the Fsd thread
then we acquire the resources without waiting. Otherwise we know it is
safe to wait.
We check to see whether we should post this request to the delayed close
queue. If we are to process the close here then we acquire the Vcb and
Fcb. We will adjust the counts and call our teardown routine to see
if any of the structures should go away.
Arguments:
Vcb - Vcb for this volume.
Fcb - Fcb for this request.
UserReference - Number of user references for this file object. This is
zero for an internal stream.
FromFsd - This request was called from an Fsd thread. Indicates whether
we should wait to acquire resources.
DelayedClose - Address to store whether we should try to put this on
the delayed close queue. Ignored if this routine can process this
close.
Return Value:
BOOLEAN - TRUE if this thread processed the close, FALSE otherwise.
--*/
{
BOOLEAN RemovedFcb;
PAGED_CODE();
ASSERT_IRP_CONTEXT( IrpContext );
ASSERT_FCB( Fcb );
//
// Try to acquire the Vcb and Fcb. If we can't acquire them then return
// and let our caller know he should post the request to the async
// queue.
//
if (CdAcquireVcbShared( IrpContext, Vcb, FromFsd )) {
if (!CdAcquireFcbExclusive( IrpContext, Fcb, FromFsd )) {
//
// We couldn't get the Fcb. Release the Vcb and let our caller
// know to post this request.
//
CdReleaseVcb( IrpContext, Vcb );
return FALSE;
}
//
// We didn't get the Vcb. Let our caller know to post this request.
//
} else {
return FALSE;
}
//
// Lock the Vcb and decrement the reference counts.
//
CdLockVcb( IrpContext, Vcb );
CdDecrementReferenceCounts( IrpContext, Fcb, 1, UserReference );
CdUnlockVcb( IrpContext, Vcb );
//
// Call our teardown routine to see if this object can go away.
// If we don't remove the Fcb then release it.
//
CdTeardownStructures( IrpContext, Fcb, &RemovedFcb );
if (!RemovedFcb) {
CdReleaseFcb( IrpContext, Fcb );
}
else {
_Analysis_assume_lock_not_held_(Fcb->FcbNonpaged->FcbResource);
}
//
// Release the Vcb and return to our caller. Let him know we completed
// this request.
//
CdReleaseVcb( IrpContext, Vcb );
return TRUE;
}
